JavaWeb基础——Cookie和Session

1、什么是Cookie和Session

什么是会话?
2、Cookie技术

创建Cookie

package cn.itcast.cookie;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

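/**
 * Shows when the visitor last requested this page and refreshes the
 * {@code lastAccessTime} cookie with the current time.
 *
 * <p>The cookie value is sent back by the browser and can be edited by the
 * user, so it is treated as untrusted input and parsed defensively.
 */
@WebServlet("/CookieDemo1")
public class CookieDemo1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Prints the previous access time when a well-formed cookie is present,
     * then sends a fresh {@code lastAccessTime} cookie.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();

        out.print("您上次访问的时间是:");

        // getCookies() returns null when the request carries no cookies,
        // hence the null check in the loop condition.
        Cookie[] cookies = request.getCookies();
        for (int i = 0; cookies != null && i < cookies.length; i++) {
            if ("lastAccessTime".equals(cookies[i].getName())) {
                try {
                    // getValue() is a string; it should hold epoch milliseconds.
                    long cookieValue = Long.parseLong(cookies[i].getValue());
                    out.print(new Date(cookieValue).toLocaleString());
                } catch (NumberFormatException ignored) {
                    // The client altered or corrupted the value: show no time
                    // rather than failing the whole request.
                }
            }
        }

        // Send the current time back to the browser.
        Cookie cookie = new Cookie("lastAccessTime", System.currentTimeMillis() + "");
        cookie.setMaxAge(1 * 30 * 24 * 3600); // keep for 30 days

        /*
         * The path is relative to the server root (for Tomcat, the webapps
         * directory), not to this application. setPath("/") would share the
         * cookie with every application on the server; setPath("/webapp_b/")
         * would make it visible only to requests under /webapp_b/, even if a
         * different application set it. Keep the path as narrow as possible.
         */
        cookie.setPath("/day2");
        // Page scripts have no need to read this cookie.
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}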

删除Cookie

CookieDemo2.java

package cn.itcast.cookie;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

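/**
 * Shows the last access time together with a link that clears the
 * {@code lastAccessTime} cookie.
 *
 * <p>The cookie value is client-controlled, so a malformed value is ignored
 * instead of aborting the request.
 */
@WebServlet("/CookieDemo2")
public class CookieDemo2 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Prints the "clear" link and the previous access time, then refreshes
     * the cookie.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();

        out.print("<a href='/day2/CookieDemo2_1'>清除上次访问时间</a><br/>");
        out.print("您上次访问的时间是:");

        // Look for the time cookie; getCookies() may return null.
        Cookie[] cookies = request.getCookies();
        for (int i = 0; cookies != null && i < cookies.length; i++) {
            if ("lastAccessTime".equals(cookies[i].getName())) {
                try {
                    long cookieValue = Long.parseLong(cookies[i].getValue());
                    out.print(new Date(cookieValue).toLocaleString());
                } catch (NumberFormatException ignored) {
                    // Tampered or corrupted value: print nothing for it.
                }
            }
        }

        // Send the current time back to the browser.
        Cookie cookie = new Cookie("lastAccessTime", System.currentTimeMillis() + "");
        cookie.setMaxAge(1 * 30 * 24 * 3600); // keep for 30 days
        cookie.setPath("/day2");
        // Page scripts have no need to read this cookie.
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}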

CookieDemo2_1.java

package cn.itcast.cookie;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Deletes the {@code lastAccessTime} cookie.
 *
 * <p>A browser cookie cannot be removed directly; it is overwritten with a
 * cookie of the same name and path whose max-age is 0.
 */
@WebServlet("/CookieDemo2_1")
public class CookieDemo2_1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Sends the expiring replacement cookie.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // The value is irrelevant for a deletion; the name and path must match
        // the cookie that was originally set.
        String placeholderValue = String.valueOf(System.currentTimeMillis());
        Cookie expired = new Cookie("lastAccessTime", placeholderValue);
        expired.setPath("/day2");
        expired.setMaxAge(0);
        response.addCookie(expired);
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}

Cookie案例——显示历史清单

Demo1.java

package cn.itcast.cookieAplication;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

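/**
 * Product list page: prints every book as a link to {@code Demo2} and then
 * the books recorded in the visitor's {@code bookHistory} cookie.
 */
@WebServlet("/Demo1")
public class Demo1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Renders the catalogue and the browsing history.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();

        // 1. List every product, each one as a link.
        // NOTE(review): names and ids are written into HTML unescaped. That is
        // only safe while the catalogue is the fixed data in Db; escape them
        // if the data ever comes from users.
        out.write("本网站有如下商品:<br/>");
        Map<String, Book> catalog = Db.getAll();
        for (Book book : catalog.values()) {
            out.print("<a href='Demo2?id=" + book.getId() + "' target='_blank'>" + book.getName() + "</a><br/>");
        }

        // 2. Show the products this visitor has looked at before.
        out.print("<br/>您曾经看过的商品:<br/>");
        Cookie[] cookies = request.getCookies();
        for (int i = 0; cookies != null && i < cookies.length; i++) {
            if ("bookHistory".equals(cookies[i].getName())) {
                // The cookie holds comma-separated ids and is client-controlled:
                // an id may be unknown, so skip it instead of dereferencing null.
                for (String id : cookies[i].getValue().split("\\,")) {
                    Book book = catalog.get(id);
                    if (book != null) {
                        out.print(book.getName() + "<br/>");
                    }
                }
            }
        }
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }
}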


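/** In-memory stand-in for a database: a fixed catalogue of books keyed by id. */
class Db{
    // LinkedHashMap iterates in insertion order, so the page lists the books
    // in the order they are added here. Typed instead of raw so callers do
    // not need unchecked conversions.
    private static final Map<String,Book> map=new LinkedHashMap<String,Book>();
    static {
        map.put("1", new Book("1","javaweb开发","老张","一本好书"));
        map.put("2", new Book("2","jdbc开发","老张","一本好书"));
        map.put("3", new Book("3","spring开发","老黎","一本好书"));
        map.put("4", new Book("4","struts开发","老毕","一本好书"));
        map.put("5", new Book("5","android开发","老黎","一本好书"));
    }

    /**
     * Returns the catalogue.
     *
     * @return the shared map itself, not a copy; {@code get} yields
     *         {@code null} for an unknown id
     */
    public static Map<String,Book> getAll() {
        return map;
    }
}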



/** Plain data holder for one book in the catalogue. */
class Book{
    private String id;
    private String name;
    private String author;
    private String description;

    /** Creates a book whose fields are all {@code null}. */
    public Book() {
    }

    /** Creates a book with every field set. */
    public Book(String id, String name, String author, String description) {
        this.id = id;
        this.name = name;
        this.author = author;
        this.description = description;
    }

    public String getId() {
        return this.id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getName() {
        return this.name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getAuthor() {
        return this.author;
    }

    public void setAuthor(String author) {
        this.author = author;
    }

    public String getDescription() {
        return this.description;
    }

    public void setDescription(String description) {
        this.description = description;
    }

}

Demo2.java

package cn.itcast.cookieAplication;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Arrays;
import java.util.LinkedList;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

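/**
 * Product detail page. Prints the requested book and records it in the
 * {@code bookHistory} cookie (most recent first, comma-separated ids).
 */
@WebServlet("/Demo2")
public class Demo2 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Shows the book named by the {@code id} parameter and rewrites the
     * history cookie. Responds with 404 when the id is missing or unknown.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        // 1. "id" is a request parameter, i.e. untrusted. Resolve it before
        //    writing anything so an unknown id ends in 404 rather than a
        //    NullPointerException.
        String id = request.getParameter("id");
        Book book = (Book) Db.getAll().get(id);
        if (book == null) {
            response.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }

        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();
        out.write(book.getId() + "<br/>");
        out.write(book.getName() + "<br/>");
        out.write(book.getDescription() + "<br/>");
        out.write(book.getAuthor() + "<br/>");

        // 2. Build the history cookie and send it back to the browser.
        // NOTE(review): the value contains commas, which RFC 6265 does not
        // allow in a cookie value; a container with a strict cookie processor
        // may reject it. Confirm on the target container.
        String cookieValue = buildCookie(id, request);
        Cookie cookie = new Cookie("bookHistory", cookieValue);
        cookie.setMaxAge(1 * 30 * 24 * 3600); // keep for 30 days
        cookie.setPath("/day2");
        // Only the server reads the history; hide it from page scripts.
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }

    /**
     * Computes the new history value after {@code id} has been viewed.
     *
     * <pre>
     * current cookie   viewed id   result
     * (none)           1           1
     * 2,5,1            1           1,2,5
     * 2,5,4            1           1,2,5
     * 2,5              1           1,2,5
     * </pre>
     *
     * @param id      id of the book just viewed; already checked against Db by the caller
     * @param request request whose cookies carry the existing history
     * @return comma-separated ids, most recent first
     */
    private String buildCookie(String id, HttpServletRequest request) {
        String bookHistory = null;
        Cookie[] cookies = request.getCookies();
        for (int i = 0; cookies != null && i < cookies.length; i++) {
            if ("bookHistory".equals(cookies[i].getName())) {
                bookHistory = cookies[i].getValue();
            }
        }
        if (bookHistory == null) {
            return id;
        }

        LinkedList<String> list = new LinkedList<String>(Arrays.asList(bookHistory.split("\\,")));
        // Move an id that is already present to the front; otherwise make room
        // by dropping the oldest entry once three are stored.
        if (!list.remove(id) && list.size() >= 3) {
            list.removeLast();
        }
        list.addFirst(id);

        StringBuilder sb = new StringBuilder();
        for (String bid : list) {
            if (sb.length() > 0) {
                sb.append(',');
            }
            sb.append(bid);
        }
        return sb.toString();
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}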

3、Session

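<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<%-- The meta charset must agree with the page directive above; declaring
     ISO-8859-1 here while the page is sent as UTF-8 gives the browser
     two conflicting encodings for the Chinese link texts. --%>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>
    <a href="SessionDemo1">购买</a>
    <a href="SessionDemo1_1">结账</a>
</body>
</html>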

example1

禁用Cookie时的解决方案

package cn.itcast.session;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Entry page for browsers that have cookies disabled: the two links are
 * passed through URL rewriting so they can carry the session id.
 *
 * <p>Security caveat: a rewritten URL exposes the session id wherever the URL
 * goes (browser history, access logs, Referer headers, copied links), and
 * anyone who obtains such a URL can use that session. Where cookies are
 * acceptable, session tracking can be restricted to cookies with
 * {@code <tracking-mode>COOKIE</tracking-mode>} under {@code <session-config>}
 * in web.xml (Servlet 3.0).
 */
@WebServlet("/WelcomeServlet")
public class WelcomeServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Writes the "buy" and "check out" links.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter writer = response.getWriter();

        // encodeURL() appends the session id only when it is needed: if the
        // browser returned the session cookie, the URL comes back unchanged.
        String buyLink = response.encodeURL("SessionDemo1");
        String checkoutLink = response.encodeURL("SessionDemo1_1");

        writer.print("<a href='" + buyLink + "'>购买</a>");
        writer.print("<a href='" + checkoutLink + "'>结账</a>");
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}

购买servlet

package cn.itcast.session;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

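/**
 * "Buy" servlet: stores the purchased product in the session.
 *
 * <p>Session life cycle, as described by the original notes: a session is
 * created when the application first calls {@code getSession()}. Closing the
 * browser does not end it; the server discards it after the idle timeout
 * (30 minutes here, configurable through {@code <session-config>} in web.xml).
 */
@WebServlet("/SessionDemo1")
public class SessionDemo1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Stores the product and re-issues the session id as a persistent cookie
     * so the session can still be found after the browser is restarted.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // Returns the current session, creating one if none exists.
        // (getSession(false) would only look one up; invalidate() destroys it.)
        HttpSession session = request.getSession();

        // The container's own session cookie disappears when the browser
        // closes. Sending the id again with the same lifetime as the session
        // (30 minutes) keeps it on disk across a browser restart.
        Cookie cookie = new Cookie("JSESSIONID", session.getId());
        cookie.setPath("/day2");
        cookie.setMaxAge(30 * 60);
        // The session id is a credential: keep it away from page scripts and,
        // when the request arrived over HTTPS, off plain-HTTP connections.
        cookie.setHttpOnly(true);
        cookie.setSecure(request.isSecure());
        // Without this call the cookie built above is never sent.
        response.addCookie(cookie);

        session.setAttribute("name", "洗衣机");
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}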

结账servlet

package cn.itcast.session;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * "Check out" servlet: reads the product stored by the buy servlet.
 *
 * <p>The value lives in one session only; a request from another browser
 * belongs to a different session and does not see it.
 */
@WebServlet("/SessionDemo1_1")
public class SessionDemo1_1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Prints the product name found under the session attribute {@code name}.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter writer = response.getWriter();

        // getSession() creates a session when none exists, in which case the
        // attribute is absent and the text "null" is printed.
        Object stored = request.getSession().getAttribute("name");
        String product = (String) stored;
        writer.write("您购买的商品是:" + product);
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}

example2

login.html

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
    <!-- Login form. It is submitted with POST, so the user name and password
         travel in the request body and not in the URL. POST alone does not
         encrypt them; serve the page and its target over HTTPS. -->
    <form action="LoginServlet" method=post>
        用户名:<input type="text" name="username"><br/>
        密码:<input type="password" name="password"><br/>
        <input type="submit" value="登陆">    

    </form>
</body>
</html>

User.java

package cn.itcast.session;

/**
 * A login account for the demo.
 *
 * <p>The password is held as plain text, which is acceptable only for a
 * teaching example; a real application stores a salted password hash.
 */
public class User {
    private String username;
    private String password;

    /** Creates a user with both fields {@code null}. */
    public User() {
    }

    /** Creates a user with the given name and password. */
    public User(String username, String password) {
        this.username = username;
        this.password = password;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

}

LoginServlet.java

package cn.itcast.session;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

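/**
 * Checks the submitted user name and password against {@code DB} and, on
 * success, marks the session as logged in.
 *
 * <p>Demo limitations worth knowing: passwords are stored and compared as
 * plain text, and the whole {@code User} object (password included) is placed
 * in the session. Because {@code doPost} delegates to {@code doGet}, the
 * servlet also accepts credentials in a GET query string, where they would
 * end up in logs and browser history; the login form uses POST.
 */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Authenticates the request and redirects to {@code LoginIndex.jsp}, or
     * prints an error message when the credentials do not match.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();

        // Either parameter may be null when it was not submitted; equals()
        // below is called on the stored values, so null simply fails to match.
        String username = request.getParameter("username");
        String password = request.getParameter("password");

        List<User> users = DB.getAll();
        for (User user : users) {
            if (user.getUsername().equals(username) && user.getPassword().equals(password)) {
                // Session fixation defence: discard any session that existed
                // before authentication and continue under a fresh id, so an
                // id the visitor was handed beforehand (for instance inside a
                // rewritten URL) does not become a logged-in session.
                if (request.getSession(false) != null) {
                    request.getSession(false).invalidate();
                }
                // Login succeeded: store the login marker in the new session.
                request.getSession(true).setAttribute("user", user);
                response.sendRedirect("LoginIndex.jsp");
                return;
            }
        }
        // One message for both failure causes, so the response does not
        // reveal whether the user name exists.
        out.write("用户名或密码不对!!");
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}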


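/**
 * In-memory stand-in for a user table.
 *
 * <p>The accounts and their plain-text passwords are hard-coded for the demo
 * only; real credentials belong in a store that keeps salted password hashes.
 */
class DB{

    // Typed instead of raw so that callers get List<User> without an
    // unchecked conversion. The field stays public as in the original.
    public static List<User> list=new ArrayList<User>();
    static {
        list.add(new User("aaa","123"));
        list.add(new User("bbb","123"));
        list.add(new User("ccc","123"));
    }

    /**
     * Returns all known users.
     *
     * @return the shared list itself, not a copy
     */
    public static List<User> getAll() {
        return list;
    }
}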

LoginIndex.jsp

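<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<%-- The meta charset now matches the page directive (UTF-8). --%>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>
    <%-- EL expressions use ${...}, and the attribute name must match the one
         stored at login ("user"). EL writes the value into the page without
         HTML escaping; that is tolerable for the fixed demo accounts, but once
         user names can be chosen by users, output them through JSTL
         (c:out or fn:escapeXml). --%>
    欢迎您:${user.username} <a href="">登陆</a><br/><!-- reads the user object from the session -->
    <a href="LogoutServlet">退出登录</a>
    <br/><br/><br/>
</body>
</html>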

LogoutServlet.java

package cn.itcast.session;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

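/**
 * Logs the user out and returns to the login page.
 */
@WebServlet("/LogoutServlet")
public class LogoutServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Ends the current session, if there is one, then redirects to
     * {@code login.html}.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // getSession(false) avoids creating a session just to log out of it.
        HttpSession session = request.getSession(false);
        if (session != null) {
            // Invalidate the whole session instead of removing only the
            // "user" attribute: the session id stops being usable and no
            // other per-user data is left behind on the server.
            session.invalidate();
        }
        response.sendRedirect("login.html");
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}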

example3(购买书籍、禁用cookie、关闭浏览器的应用)

Session1

package cn.itcast.sessionAplication;

import java.io.IOException;
import java.io.PrintWriter;
import java.io.Serializable;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Site home page: lists every book with a "buy" link.
 *
 * <p>The links go through URL rewriting so the shop also works when cookies
 * are disabled. A rewritten URL contains the session id, so it can leak
 * through browser history, logs, Referer headers or a shared link.
 */
@WebServlet("/Session1")
public class Session1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Prints the catalogue.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter writer = response.getWriter();
        writer.print("本网站有如下商品:<br/>");

        // The session has to exist before encodeURL() is called; otherwise
        // there is no session id for it to append.
        request.getSession();

        Map<String, Book> catalog = Db.getAll();
        for (Book item : catalog.values()) {
            // encodeURL() is what makes the link usable without cookies.
            String buyUrl = response.encodeURL("BuyServlet?id=" + item.getId());
            writer.print(item.getName() + "<a href='" + buyUrl + "' target='_blank'>购买</a><br/>");
        }
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}


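/** In-memory stand-in for a database: a fixed catalogue of books keyed by id. */
class Db{
        // LinkedHashMap iterates in insertion order. Typed instead of raw so
        // callers do not need unchecked conversions.
        private static final Map<String,Book> map=new LinkedHashMap<String,Book>();
        static {
            map.put("1", new Book("1","javaweb开发","老张","一本好书"));
            map.put("2", new Book("2","jdbc开发","老张","一本好书"));
            map.put("3", new Book("3","spring开发","老黎","一本好书"));
            map.put("4", new Book("4","struts开发","老毕","一本好书"));
            map.put("5", new Book("5","android开发","老黎","一本好书"));
        }

        /**
         * Returns the catalogue.
         *
         * @return the shared map itself, not a copy; {@code get} yields
         *         {@code null} for an unknown id
         */
        public static Map<String,Book> getAll() {
            return map;
        }
    }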



    /**
     * Plain data holder for one book. It implements {@link Serializable};
     * instances are stored in the session-held shopping cart.
     */
    class Book implements Serializable{
        private String id;
        private String name;
        private String author;
        private String description;

        /** Creates a book whose fields are all {@code null}. */
        public Book() {
        }

        /** Creates a book with every field set. */
        public Book(String id, String name, String author, String description) {
            this.id = id;
            this.name = name;
            this.author = author;
            this.description = description;
        }

        public String getId() {
            return this.id;
        }

        public void setId(String id) {
            this.id = id;
        }

        public String getName() {
            return this.name;
        }

        public void setName(String name) {
            this.name = name;
        }

        public String getAuthor() {
            return this.author;
        }

        public void setAuthor(String author) {
            this.author = author;
        }

        public String getDescription() {
            return this.description;
        }

        public void setDescription(String description) {
            this.description = description;
        }

    }

BuyServlet.java

package cn.itcast.sessionAplication;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

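/**
 * Adds the requested book to the shopping cart kept in the session and
 * redirects to the cart page.
 */
@WebServlet("/BuyServlet")
public class BuyServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Puts the book named by the {@code id} parameter into the cart.
     * Responds with 404 when the id is missing or unknown.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // "id" comes from the request: reject an unknown value so that null
        // is never stored in the cart (the cart page dereferences each entry).
        String id = request.getParameter("id");
        Book book = (Book) Db.getAll().get(id);
        if (book == null) {
            response.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }

        // getSession(false) matches the cookie-disabled set-up, where the
        // session was created by the home page and its id travels in the URL.
        // It returns null when no valid id arrived (expired session, link
        // opened without the id); start a new session then instead of
        // failing with a NullPointerException.
        HttpSession session = request.getSession(false);
        if (session == null) {
            session = request.getSession();
        }

        // The cart: the list of all books this user has bought so far.
        @SuppressWarnings("unchecked") // only this servlet stores "list", always as List<Book>
        List<Book> list = (List<Book>) session.getAttribute("list");
        if (list == null) {
            list = new ArrayList<Book>();
            session.setAttribute("list", list);
        }
        list.add(book);

        // encodeRedirectURL() keeps the session id in the redirect target
        // when cookies are disabled.
        String url = response.encodeRedirectURL("ListCartServlet");
        response.sendRedirect(url);
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}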

ListCartServlet.java

package cn.itcast.sessionAplication;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

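/**
 * Shows the books the user has put into the cart.
 */
@WebServlet("/ListCartServlet")
public class ListCartServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Prints the names of the books in the session cart, or a notice when
     * there is no session or no cart yet.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        PrintWriter out = response.getWriter();

        // Do not create a session merely to display an empty cart.
        HttpSession session = request.getSession(false);
        @SuppressWarnings("unchecked") // the cart is stored as List<Book> by BuyServlet
        List<Book> list = session == null ? null : (List<Book>) session.getAttribute("list");

        // A session can exist without a cart (created by the home page before
        // anything was bought); treat that like having no session at all.
        if (list == null) {
            out.write("您没有购买任何商品!!");
            return;
        }

        out.write("您购买了如下商品:<br/>");
        for (Book book : list) {
            out.write(book.getName());
        }
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}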

example4 (防止表单重复提交)

javascript防表单重复提交(不能完全解决:脚本运行在客户端,用户可以禁用脚本,也可以刷新或后退后再次提交,所以仍然需要服务器端校验)

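<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
<script type="text/javascript">
    // Client-side guard against submitting the form twice. It combines the
    // two approaches shown in the original: a flag that rejects a second
    // submit, and disabling the button after the first one.
    // This is a usability aid only. It runs in the browser, so it does not
    // replace the server-side check.
    var iscommitted = false;
    function dosubmit() {
        if (iscommitted) {
            return false;
        }
        iscommitted = true;
        // The button needs an id for this lookup to find it. The id is not
        // "submit" because that name would shadow the form's submit() method.
        document.getElementById("submitButton").disabled = true;
        return true;
    }
</script>
</head>
<body>
    <form action="DoFormServlet" method="post" onsubmit="return dosubmit()">
        用户名:<input type="text" name="username">
        <input type="submit" id="submitButton" value="提交">

    </form>
</body>
</html>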

base64编码

服务器端和前端同时防止表单重复提交
FormServlet.java

package cn.itcast.sessionAplication1;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import sun.misc.BASE64Encoder;

/**
 * Produces the form page. A fresh token is stored in the session before the
 * request is forwarded to {@code formServletJS.jsp}.
 */
@WebServlet("/FormServlet")
public class FormServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Generates the token, saves it under the session attribute
     * {@code token} and forwards to the JSP.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // One token per rendered form.
        String formToken = TokenProcessor.getInstance().generateToken();

        // Kept server-side in the session under "token".
        request.getSession().setAttribute("token", formToken);

        request.getRequestDispatcher("formServletJS.jsp").forward(request, response);
    }

    /**
     * Handles POST exactly like GET.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}


class TokenProcessor{   //创建一个令牌
    /*
     * 1、把构建方法私有
     * 2、自己创建一个
     * 3、对外暴露一个方法,允许获取上面创建的对象
     * 
     * */

    private TokenProcessor() {};
    private static final TokenProcessor instance=new TokenProcessor();
    public static TokenProcessor getInstance(){
        return instance;
    }
    //随机数发生器
    public String generateToken() {
        //获取随机数,但由此获取到的随机数长度可能不一样,但它们的摘要一样,所以为了保证它们的长度一致选用它们的数据摘要
        String token=System.currentTimeMillis()+new Random().nextInt()+"";//获取随机数
        try {
            //通过md5算法得到数据摘要,无论数据有多大,它的数据摘要始终是128位
            MessageDigest md=MessageDigest.getInstance("md5");//
            byte[]md5=md.digest(token.getBytes());//返回的是任意二进制字节数组

            //return new String(md5);//这样行不通,因为没有没有指定码表,它会默认查GB2312码表,然而它与二进制字节数组不一定有对应的码值,所以必定是个乱码
            //为了让它不是乱码,所以采用base64编码
            BASE64Encoder encoder=new BASE64Encoder();
            return encoder.encode(md5);
        }catch(NoSuchAlgorithmException e){
            throw new RuntimeException(e);
        }
    }
}

formServletJS.jsp

<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
<script type="text/javascript">
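function dosubmit(){
    // The submit button in this form carries no id, so getElementById("submit")
    // returns null and the original assignment threw; the form was then
    // submitted without the button ever being disabled. Fall back to the
    // first submit input when no element has that id.
    var input=document.getElementById("submit")
            || document.querySelector('input[type="submit"]');
    if(input){
        input.disabled=true;
    }
    // Disabling the button is a convenience for the user only; the token
    // comparison on the server is what actually rejects a repeated request.
    return true;
}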

</script>
</head>
<body>
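    <form action="DoFormServlet" onsubmit="return dosubmit()" method="post">
        <%-- EL expressions are written ${...}. The original "$(token)" reached the
             browser as literal text, so the submitted value could never equal the
             token kept in the session. sessionScope names the scope explicitly. --%>
        <input type="hidden" name="token" value="${sessionScope.token}">
        用户名:<input type="text" name="username"><br/>
        <input type="submit" value="提交">
    </form>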
</body>
</html>

DoFormServlet.java

package cn.itcast.sessionAplication1;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

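/**
 * Handles the form submission. A submission is processed only when it carries
 * the token currently stored in the session, and that token is consumed by the
 * first request that presents it.
 */
@WebServlet("/DoFormServlet")
public class DoFormServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Processes the submission if its token is valid; otherwise logs the
     * rejection and returns without doing any work.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // isTokenValid has already removed the token when it returns true.
        if(!isTokenValid(request)) {
            System.out.println("请不要重复提交");
            return;
        }
        System.out.println("向数据库注册用户----");
    }

    /**
     * Checks the submitted token against the session copy and, on a match,
     * removes the session copy so the same token cannot be accepted twice.
     *
     * @param request the current request; the token is read from parameter {@code "token"}
     * @return {@code true} only for the first request that presents the session's token
     */
    private boolean isTokenValid(HttpServletRequest request) {
        String client_token=request.getParameter("token");//token sent by the client
        if(client_token==null) {
            return false;
        }
        // A request without a session cannot have been issued a token; do not
        // allocate a new session just to find that out.
        if(request.getSession(false)==null) {
            return false;
        }
        // Compare and consume in one step. In the original, the attribute was
        // removed only after the check had returned, so two near-simultaneous
        // submissions could both pass. Best effort: containers are not required
        // to hand the same session object to concurrent requests, so back this
        // with a unique constraint in the data store where duplicates matter.
        synchronized(request.getSession()) {
            String server_token=(String)request.getSession().getAttribute("token");//token kept on the server
            if(server_token==null) {
                return false;
            }
            // Constant-time comparison: equals() stops at the first differing
            // character, which exposes how much of a guess was correct.
            boolean same=java.security.MessageDigest.isEqual(
                    client_token.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    server_token.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            if(!same) {
                return false;
            }
            request.getSession().removeAttribute("token");
            return true;
        }
    }

    /**
     * Delegates to {@link #doGet}.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}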

example5 验证码校验

Checkcode1.java

package cn.itcast.sessionCheckcode;

import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.Graphics2D;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.util.Random;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

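/**
 * Renders a verification-code image and stores the expected answer in the
 * session attribute {@code "imagecheckcode"}.
 */
@WebServlet("/Checkcode1")
public class Checkcode1 extends HttpServlet {
    private static final long serialVersionUID = 1L;

    public static final int WIDTH=120;
    public static final int HEIGHT=25;

    // The code is a secret the client has to read from the image, so it is
    // drawn from SecureRandom; java.util.Random output can be predicted from
    // earlier values. One shared, thread-safe instance replaces the
    // per-call "new Random()".
    private static final Random RANDOM=new java.security.SecureRandom();

    /**
     * Draws the image, remembers the code in the session and writes the image
     * to the response as JPEG with caching disabled.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        BufferedImage image=new BufferedImage(WIDTH,HEIGHT,BufferedImage.TYPE_INT_RGB);//the picture to draw on
        Graphics g=image.getGraphics();//drawing handle for the picture

        String random;
        try {
            //1. background colour
            setBackGround(g);
            //2. border
            setBorder(g);
            //3. interference lines
            drawRandomLine(g);
            //4. the random characters
            random=drawRandomNum((Graphics2D) g);
        } finally {
            g.dispose();//release the graphics context once drawing is finished
        }
        request.getSession().setAttribute("imagecheckcode",random);

        //5. send the image to the browser
        // Tell the browser not to cache: otherwise opening the register page
        // again by pressing Enter (without a refresh) shows the old image while
        // the session already holds a different code.
        response.setDateHeader("Expires", -1);//the header is "Expires"; "expire" is not a caching header
        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Pragma", "no-cache");

        response.setContentType("image/jpeg");
        ImageIO.write(image, "jpg", response.getOutputStream());
    }

    /**
     * Draws four randomly chosen, slightly rotated characters.
     *
     * @param g graphics context of the image (Graphics2D is needed for rotation)
     * @return the four characters that were drawn, in order
     */
    private String drawRandomNum(Graphics2D g) {
        g.setColor(Color.RED);
        g.setFont(new Font("宋体",Font.BOLD,20));

        // NOTE(review): ten candidate characters in four positions give only
        // 10^4 possible codes; widen the alphabet (the CJK range is
        // [\u4e00-\u9fa5]) and limit attempts where this protects anything real.
        String base="\u6d4e\u8499\u68cb\u7aef\u817f\u62db\u91ca\u4ecb\u70e7\u8bef";

        StringBuilder sb=new StringBuilder();
        int x=5;
        for(int i=0;i<4;i++) {
            //rotation in degrees, -29..29 (the range nextInt()%30 produced)
            int degree=RANDOM.nextInt(59)-29;

            //pick one character of base at a random index
            String ch=String.valueOf(base.charAt(RANDOM.nextInt(base.length())));
            sb.append(ch);
            g.rotate(degree*Math.PI/180,x,20);//rotate around the character position
            g.drawString(ch, x, 20);
            g.rotate(-degree*Math.PI/180,x,20);//rotate back
            x+=30;
        }
        return sb.toString();
    }

    /** Draws five green lines between random points of the image. */
    private void drawRandomLine(Graphics g) {
        g.setColor(Color.GREEN);
        for(int i=0;i<5;i++) {
            int x1=RANDOM.nextInt(WIDTH);
            int y1=RANDOM.nextInt(HEIGHT);

            int x2=RANDOM.nextInt(WIDTH);
            int y2=RANDOM.nextInt(HEIGHT);
            g.drawLine(x1, y1, x2, y2);
        }
    }

    /** Draws a blue rectangle one pixel inside the image edge. */
    private void setBorder(Graphics g) {
        g.setColor(Color.BLUE);
        g.drawRect(1, 1,WIDTH-2, HEIGHT-2);
    }

    /** Fills the whole image with white. */
    private void setBackGround(Graphics g) {
        g.setColor(Color.WHITE);
        g.fillRect(0, 0, WIDTH, HEIGHT);
    }

    /**
     * Delegates to {@link #doGet}.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}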

Checkcode.html

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>

<script type="text/javascript">
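    function changeImage(img){
        // Assigning img.src to itself changes nothing: the browser reuses the
        // cached picture. A different query string makes each click a new URL,
        // so the image is requested again.
        // Drop any earlier query string first; appending to img.src directly
        // made the URL grow by one "?timestamp" on every click.
        var base=img.src.split("?")[0];
        img.src=base+"?"+new Date().getTime();
    }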
</script>

</head>
<body>
    <!-- 点击图片时验证码更换 -->
    <form action="RegisterServlet" method="post">
        用户名:<input type="text" name="username"><br/>
        密码:<input type="password" name="password"><br/>
        认证码:<input type="text" name="checkcode">
        <img src="Checkcode1" onclick="changeImage(this)" alt="换一张" style="cursor:pointer "><br/>
        <input type="submit" value="注册">
    </form>
</body>
</html>

RegisterServlet.java

package cn.itcast.sessionCheckcode;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

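/**
 * Handles the registration request after checking the verification code.
 *
 * <p>Scope notes: the ServletContext scope is for data that is displayed and is
 * afterwards still needed by other servlets; the request scope is for data that
 * is no longer needed once displayed; the session is for data that is still
 * needed after it has been displayed.
 */
@WebServlet("/RegisterServlet")
public class RegisterServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Compares the submitted verification code with the one stored in the
     * session and logs whether the registration is processed.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.setCharacterEncoding("utf-8");//without this, Chinese input arrives garbled in c_checkcode

        //validate the verification code before handling the registration
        String c_checkcode=request.getParameter("checkcode");
        String s_checkcode=null;
        // getSession(false): a client that never loaded the image has no
        // session, and there is no reason to create one for it here.
        if(request.getSession(false)!=null) {
            s_checkcode=(String) request.getSession().getAttribute("imagecheckcode");
            // A code is good for one attempt. Left in the session, one solved
            // image could be replayed for any number of registrations, and a
            // wrong guess could be retried against the same code.
            request.getSession().removeAttribute("imagecheckcode");
        }
        if(c_checkcode!=null && s_checkcode!=null && c_checkcode.equals(s_checkcode)) {
            System.out.println("处理注册请求!");
        }else {
            System.out.println("认证码错误!");
        }
    }

    /**
     * Delegates to {@link #doGet}.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

}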